Stateful and cross-protocol intrusion detection for Voice over IP

a voice over ip and stateful technology, applied in the field of telecoms, can solve problems such as redirecting rtp traffi

Active Publication Date: 2006-04-06
PURDUE RES FOUND INC
View PDF10 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0011] The present invention is based on the observation that a particular characteristic of Voice over Internet Protocol traffic can make it difficult for some intrusion-detection systems to recognize a VoIP-based intrusion attempt. In particular, the illustrative embodiment is b

Problems solved by technology

However, a malicious REINVITE message sent by a third-party attacker can

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Stateful and cross-protocol intrusion detection for Voice over IP
  • Stateful and cross-protocol intrusion detection for Voice over IP
  • Stateful and cross-protocol intrusion detection for Voice over IP

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027]FIG. 3 depicts a schematic diagram of the elements of internal network 301 in accordance with the illustrative embodiment of the present invention. As shown in FIG. 3, internal network 301 comprises: intrusion-detection system 302, firewall 303, and computer systems 204-1 through 204-N, where N is a positive integer, interconnected as shown.

[0028] Computer systems 204-1 through 204-N remain unchanged from the prior art in accordance with the illustrative embodiment of the present invention. Therefore no changes in software, hardware, etc. are required for any of computer systems 204 in order to make and use embodiments of the present invention.

[0029] Intrusion-detection system 302 is capable of protecting internal network 301 from some intrusion attempts, in accordance with the illustrative embodiment of the present invention. In particular, intrusion-detection system 302 is capable of storing stateful cross-protocol intrusion signatures in its rule base, and of recognizing ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method for detecting intrusions that employ messages of two or more protocols is disclosed. Such intrusions might occur in Voice over Internet Protocol (VoIP) systems, as well as in systems in which two or more protocols support some service other than VoIP. In the illustrative embodiment of the present invention, a stateful intrusion-detection system is capable of employing rules that have cross-protocol pre-conditions. The illustrative embodiment can use such rules to recognize a variety of VoIP-based intrusion attempts, such as call hijacking, BYE attacks, etc. In addition, the illustrative embodiment is capable of using such rules to recognize other kinds of intrusion attempts in which two or more protocols support a service other than VoIP. The illustrative embodiment also comprises a stateful firewall that is capable of employing rules with cross-protocol pre-conditions.

Description

FIELD OF THE INVENTION [0001] The present invention relates to telecommunications in general, and, more particularly, to network security. BACKGROUND OF THE INVENTION [0002] An intrusion is when an unauthorized user (e.g., a “hacker,” etc.) attempts to break into or misuse (e.g., steal confidential data, etc.) a computer system. An intrusion-detection system (IDS) monitors messages (e.g., packets, etc.) incoming to a computer system and outgoing from the computer system, and based on these messages tries to determine whether an intrusion is being attempted. An intrusion-detection system might conclude that an intrusion attempt is in progress when an atypical or suspicious sequence of messages occurs, or when a sequence of messages matches a known “intrusion signature.”[0003]FIG. 1 depicts a schematic diagram of telecommunications system 100 in accordance with the prior art. As shown in FIG. 1, telecommunications system 100 comprises internal network 101 (e.g., a corporate metropolit...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F12/14
CPCH04L63/1433H04L12/22H04L12/66
Inventor GARG, SACHINSINGH, NAVJOTTSAI, TIMOTHY KOHCHIHWU, YU-SUNGBAGCHI, SAURABH
Owner PURDUE RES FOUND INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap